>>>>>>Hi,
>>>>>>
>>>>>>I am wondering if it is a good idea to encrypt user name and email address of users in User and Password Table? Of course, I encrypt password field entry. But I am not sure of what is a good practice with regards to User Name and Email Address columns. TIA for any input.
>>>>>
>>>>>Would that be useful ? You can always use a view that hides those if necessary
>>>>
>>>>Sorry but I don't understand your comment. When you are saying a view, you mean SQL Server view?
>>>
>>>Yes.
>>
>>I see. But I am not sure if a SQL Server view will be necessary here. If I encrypt these columns (User Name and Email) nobody will see the entries in them but the user of my application (because it will decrypt them). If I leave the values in the columns non-encrypted, then a DBA can open the table and see the values.
>>
>>I was just wondering what other developers do in such cases as my thinking was that I don't want a DBA to complain that I do something that is not a standard practice (leaving User Name and Email in the table as is or encrypted).
>
>Dunno - but if it's only the dba that can see the email address - I would not worry. (1) it's the dba and (2) it's only an email address

Thank you.